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Abstract 

The imperative need for unconditional secure key exchange is expounded by the increasing 
connectivity of networks and by the increasing number and level of sophistication of cyberattacks. 
Two concepts that are information theoretically secure are quantum key distribution (QKD) and 
Kirchoff-law-Johnson-noise (KLJN). However, these concepts require a dedicated connection be¬ 
tween hosts in peer-to-peer (P2P) networks which can be impractical and or cost prohibitive. 
A practical and cost effective method is to have each host share their respective cable(s) with 
other hosts such that two remote hosts can realize a secure key exchange without the need of an 
additional cable or key exchanger. In this article we analyze the cost complexities of cable, key 
exchangers, and time required in the star network. We mentioned the reliability of the star network 
and compare it with other network geometries. We also conceived a protocol and equation for the 
number of secure bit exchange periods needed in a star network. We then outline other network 
geometries and trade-off possibilities that seem interesting to explore. 
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1 Introduction 

1.1 Motivation for a secure network 

In the advent of intelligent vehicle information networks pQ, the smart power grid [2], and the Internet 
of Things {loT) [3], current infrastructure is becoming increasingly dependent on cyber networks. This 
dependency makes current infrastructure a larger more attractive target for cyberattacks, such that 
the National Security Agency (NSA) director stated the U.S. power grid could be shut down with a 
cyberattack [1]. 

Secure communication channels are needed to prevent eavesdropping or intervention. Increasingly 
though, communications is directed away from expensive, dedicated networks in favor of the open 
internet. In order to ensure secure communications, security keys are needed to set up a secure commu¬ 
nication. The keys are generated, and shared via a publicly accessible channel by secure key distribution 
protocols. Consider a secure key exchange between Alice and Bob, Alice and Bob must consider that 
an eavesdropper (Eve) is trying to extract the key as illustrated in Figure]^ Secure key exchanges can 
be categorized as either software-based or hardware-based. 

Software-based key exchanges are based on mathematical algorithms with the assumption that Eve 
does not have enough computing resources to crack the key. In essence, software-based key exchanges 
offer no security from an information theoretical point of view. The security is only (computationally-) 
conditional and is not future-proof, meaning that with enough computing resources the key can be ex¬ 
tracted. The advantages of software-based key exchanges are the low cost, hardware communicator is 
not required, and the keys can be exchanged over the Internet, thus eliminating the need of extra infras¬ 
tructure. The other option is hardware-based key exchange, these offer an advantage of unconditional 
security. 


1 


Figure 1: An illustration of Alice and Bob in a secure key exchange while Eve is seeking to tap the 
communication channel and extract the key. 



1.2 Hardware-based secure key exchanges 

The Quantum Key Distribution (QKD) |S] and the Kirchhoff-Law-Johnson-Noise (KLJN) [HI El El El 
[iniiniiniESlliailslllelllTllIHlIIHlEoliniEaESlElESlEg secure key exchange are two examples of 
hardware-based secure key exchange concepts that are information theoretically secure m Thus even 
with infinite computing resources the key will not be extracted by Eve, because the security offered by 
these schemes are based on fundamental laws of physics, to crack the key exchange would require Eve 
to break the underpinning laws of physics. The main disadvantage of hardware-based key exchanges 
is the higher cost, as they require a physical communicator at each host, and a dedicated connection 
between communicators. Such communication schemes can be considered peer-to-peer (P2P) [28] . 

The QKD key exchange utilizes the quantum no-cloning theorem of quantum mechanics [5] to 
distribute key bits. In theory it is information theoretically secure, however the physical implementation 
of QKD has been debated and the method has been hacked [221 EHl Ell E2]- 

The KLJN key exchange utilizes the laws and properties of classical mechanics [B] to generate and 
distribute key bits. In the KLJN key exchange depicted in Pigurej^ Alice and Bob have two identical 
resistor pairs, i?L and Rn (the values of the resistors are such that i?L i Rr) which represents the low 
and high bits respectively. At the beginning of each bit exchange period, the communicators 
randomly generate a bit value and connect the corresponding resistor to the wire line. The effective 
value of the resulting thermal noise in the cable has three possible levels. When it is at the intermediate 
level, Alice and Bob will know that the other party has the opposite bit value than their own. Thus a 
secure bit exchange took place because Eve, while she also knows that Alice and Bob have opposite bit 
values, she does not know who has the i?L value and who has the value Pi- 

1.3 Secure key exchange over P2P networks and the fully connected net¬ 
work 

Hardware-based key exchanges require P2P networks with a dedicated connection to each host. For 
very large networks this will be costly due to the infrastructure (cables) and key exchangers. The 
cost complexity of the growth for different networks can be denoted by Tcabie(A^) for number of cables, 
Tke(A^) for number of key exchangers, and Ttime(A^) for amount of time required or speed to complete 
a secure bit exchange, with N representing the number of hosts in the network. 

A simple method to construct P2P networks is a fully connected network also known as the complete 
graph in graph theory. The fully connected network is illustrated in Figure The fully connected 
network does not require a protocol since every host in the network has a dedicated connection with 
every other host in the network, and can process a secure bit exchange with any other host at any 
time simultaneously. This network has A^ — 1 key exchangers per host and scales with the order of 
for cables and key exchangers, which makes this network impractical for very large networks. The 
complexities are T'cabie(A^) e Tke(A^) G and Ttime(A^) G 0(1). We will denote the fully 

connected network with A^ — 1 key exchangers per host as FCNat-i. The fully connected network has 
A^ — 1 key exchangers for every host resulting in {N — 1)-N total key exchangers for the entire network, 
A^ — 1 direct connections for every host resulting in (A^ — 1) ■ N/2 total cables for the entire network. 


2 


Figure 2: An illustration of a KLJN system. Alice and Bob each have a communicator which have 
noise generators, a low resistor i?L, and a high resistor The noise voltages are enhanced by Johnson 
noise f/A,L or Fa.h for Alice; and 17 b,l or [/b.h for Bob, which is measured between the wire and the 
ground. Once the communicators select a resistor they measure the mean-squared voltage amplitude 
< > and or the current amplitude < Ilit) >■ 


Uch{t), Ich{t) 



The advantage the fully connected network has is time, as every host in the network can simultaneously 
process a secure bit exchange with every other host in the network. 

If the cost of having {N — 1)-N key exchangers for the entire network is too costly, then a trade-off 
between the number of key exchangers and speed might be preferable. If there is only one key exchanger 
per host in the fully connected network then the complexities for the fully connected network will be; 
Tcabie(77) £ Tke(77) G 0{N), and Ttime(A^) G 0{N), and will require a protocol which we will 

denote as FCNi to process a secure bit exchange with every host in the network. 

The fully connected network is robust and reliable as it does not depend on a single cable or key 
exchanger. If there is cable destruction or a damaged key exchanger then only the hosts connected by 
that cable or key exchanger will be affected, and only that connection will be affected. The affected 
hosts will still be able to process a secure bit exchange with other hosts which do not depend on the 
damaged cable or key exchanger. 

To add additional hosts to the fully connected network will be trivial since it does not have a 
protocol. In the case of FCNi the protocol will need to consider the added host. 

1.4 Linear chain network with two key exchangers per host 

Linear chain networks also know as bus networks or daisy chain networks, contain a single line and two 
key exchanges per host as illustrated in Figure and were analyzed in [33] in the contexts of smart 
grids. The linear chain network with 2 key exchangers per host has complexities of Tcabie(-^) G 0{N), 
Tke(77) G 0{N), and Ttime(-^) G 0{N‘^). By having 2 key exchanges per host the linear chain network 
can process 2 simultaneous secure bit exchanges as long as one host is downstream, say host i—a for 
any positive integer a and the other host is upstream, say host i+b for any positive integer b of the 
zth host. The first host and the last host are special cases which cannot have simultaneous secure key 
exchanges with other hosts [33] . 

The reliability of the linear chain network is dependent on the cable. If there is damage to the cable 
then the network will become two different networks divided at the location of the damaged cable, and 
the two networks cannot process a secure bit exchange with each other. The linear chain network is 
more robust if there is damage to a key exchanger, then only the host with the damaged key exchanger 
will be slowed down but will be able connect with all other hosts in the network since there are two 
key exchangers per host. 

If an additional host joins the network with N hosts then the protocol will consider A^ -|- 1 hosts 
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Figure 3: An illustration of a fully connected network with — 1 communicators per host (denoted as 
FCNjv-i) has complexities of Teabie(A^) e 0{N^), Tke(A^) G 0{N^), and TtimeiN) G 0(1). 



instead of N, this will be a relatively simple fix as the the protocol can be preprogrammed in the hosts 
for any N. 

Figure 4: An illustration of a linear chain network with 2 key exchangers per host has complexities of 
rcabie(A^) G 0(7V), T^N) G 0(iV), and Tu^N) G 0{N^). 



2 Results and Discussion 

2.1 Star network 

The star network is a hub and spoke topology with a center switch like an old telephone exchange 
switch system, and has branches connected to the center. We denote the star network protocol with 
one key exchanger per host as STAR. The complexities of the star network are Tcabie(A^) G 0{N), 
TUN) G 0{N), and T^^UN) G 0(iV). Figure]^ is an example of a star network with N branches. 

The most efficient protocol in the star network is similar to the protocol in the linear chain network 
in regards to first connecting to the nearest neighbors, then connecting the second nearest neighbors, 
and so on. The star network allows for faster speed than the linear chain network with similar cable 
and hardware complexities. 

2.2 Graph theory and previous work on the star network 

In graph theory the hosts are considered vertices and the cables are considered edges |3l] . The protocol 
of the star network is to connect every host in the network to process a secure bit exchange with 
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Figure 5: An illustration of a star network system with one key exchanger per host has complexities of 
Tcabie(iV) e 0(iV), Tke(iV) G 0(iV), and Tu^N) e 0(iV). 



every other host in the network in the least number of Secure Bit Exchange Period (SBEP) steps. In 
graph theory the star network protocol can be described as a special case of a edge-color problem [35] 
known as round-robin(RR) tournament or all-play-all tournament problem [36]. The number k of edge 
colors needed in graph theory is the number of SBEPs needed in the star network protocol, although 
many geometric structures and edge-color problems have been studied in graph theory [SZlEHlEni 
uni mi in US] and applied to various infrastructure networks m m SHI sz], it has not been applied 
to P2P hardware-based secure key exchange networks other than [33]. Many network applications 
assume overlapping signals in the same channel is possible, and do not have a dedicated channel in 
which every vertex connects with every other vertex. For QKD and KLJN network applications these 
networks require dedicated communication channels with no overlapping signals, and RR solutions to 
different geometric structures. The star network protocol presented in section 2.2 is specifically for QKD 
and KLJN networks, and is significant since it combines residual SBEP steps whenever possible, thus 
lowering the total number of SBEPs needed, after a thorough literature review a similar RR solution 
was not found and the most similar solution found is in [3^ . 

2.3 Protocol and analysis of the star network 

For a network with N hosts the star key exchange network protocol begins with every odd numbered 
host say Rh host with i being odd and processes a secure bit exchange with their upstream nearest 
neighbor, that is host i+1, this will take one Secure Bit Exchange Period (SBEP) and the secure key 
exchange between different hosts will occur simultaneously. For example, host 1 will process a secure 
bit exchange with host 2, while host 3 will process a secure bit exchange with host 4, while host — 1 
will process a secure bit exchange with host if is even, or host N — 2 will process a secure bit 
exchange with host A^ — 1 if A^ is odd. If N is odd, then the last host, that is host N, will not process 
a secure bit exchange in the first SBEP step. The next step in the protocol is for every even numbered 
host say Rh host with i being even will process a secure bit exchange with their nearest upstream 
neighbor, say host z-1-1, simultaneously. For example, host 2 will process a secure bit exchange with 
host 3, while host 4 will process a secure bit exchange with host 5, while host A^ — 1 will process a 
secure bit exchange with host A^ if A^ is even, or host N will process a secure bit exchange with host 1 if 
N is odd, note that the protocol will wrap around from the last host N to the first host 1. The circular 
nature of the star network is a reason why it is faster than the linear chain network with similar cable 


5 














Figure 6: An illustration of the example of the star network protocol STAR for a network with 5 hosts. 
It takes six SBEP steps for every host in the network to process a secure bit exchange with every other 
host. 


(a) 1st SBEP step 



(d) Ath SBEP step 

H H 



(b) 2nd SBEP step (c) 3rd SBEP step 




and hardware complexities. The star network protocol STAR then continues with every odd host to 
process a secure bit exchange with their upstream second nearest neighbor, that is every Rh host with 
i being odd with host t+2, then the even numbered hosts will process a secure bit exchange with their 
second nearest neighbor, say every Rh host with i being even with host i+2. The protocol continues by 
having every host process a secure bit exchange with their third nearest neighbors, then fourth nearest 
neighbors, and continues until every host in the network has processed a secure bit exchange with every 
other host. 

As an example Figure [^illustrates every step of the protocol STAR for a network with 5 hosts. The 
hrst SBEP step in the protocol is illustrated in sub-hgure ^ note how every odd numbered host i has a 
secure bit exchange with their next upstream nearest neighbor host i+1. The second SBEP step in the 
protocol is illustrated in sub-hgure note how every even numbered host i has a secure bit exchange 
with their next upstream nearest neighbor host i+1. The third SBEP step in the protocol is illustrated 
in sub-hgure [^ Since the number of hosts in the network is odd it will take additional SBEP steps 


to process a secure bit exchange with these remaining hosts, these are residual SBEP steps. Note how 
the last host wraps around to the hrst host. The fourth SBEP step in the protocol is illustrated in 
sub-hgure [^ In this SBEP step every odd numbered host i has a secure bit exchange with their second 
upstream nearest neighbor host i+2. The hfth SBEP step in the protocol is illustrated in sub-hgure |6el 
this step is similar to step 4 except that now the even numbered hosts process a secure bit exchange with 
their second upstream nearest neighbors. The sixth and last SBEP step in the protocol is illustrated in 
sub-hgure [^ Since N is odd the protocol requires additional residual SBEP steps to process a secure 
bit exchange with the remaining hosts. Note that for this example of the STAR protocol with N = 5 
hosts requires six SBEP steps for every host in the network to process a secure bit exchange with every 
host. Table demonstrates what every host is doing at every step in the protocol of this example as 
illustrated in Figure Table [^ is the legend for table The arrow symbol is used as x —)■ y 
meaning host x is processing a secure bit exchange with host y. The star symbol means the host 
of this row is being utilized. The circle symbol “Q” means the host of this row is not active. 
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Host 

(a) 1st SBEP 

(b) 2nd SBEP 

(c) 3rd SBEP 

(d) 4th SBEP 

(e) 5th SBEP 

(f) 6th SBEP 

1 

1 ^ 2 

0 

★ 

1 ^ 3 

★ 

0 

2 

★ 

2^3 

0 

2^4 

0 

★ 

3 

3^4 

★ 

0 

★ 

3^5 

0 

4 

★ 

4^5 

0 

★ 

4 ^ 1 

0 

5 

0 

★ 

5 ^ 1 

0 

★ 

5^2 


Table 1: This table demonstrates what every host is doing at every SBEP step in the protocol STAR 
as described in the example and illustrated in Figure 


Symbol 

Meaning of symbols in table 1 

X ^ y 

Host X processing a secure bit exchange with host y. 

★ 

Host of this row is being utilized. 

0 

Host of this row is inactive. 


Table 2: This table is the legend of table 


The number of SBEPs needed in the STAR protocol is dependent on the number of hosts N in the 
network. Table shows the number of SBEPs needed in the star network for every host to process 
a secure bit exchange with every other host in the network, for star networks with up to 20 hosts. 
Figure is the plot of table with N being the independent variable and SBEP being the dependent 
variable. The linear regression line is f{N) = 1.3192982456 ■ N — 1.301754386, and the coefficient of 
determination is = 0.988989157. 


N, number of hosts in star network 

SBEP(A^), number of SBEP steps 
needed for a network with N 
hosts 

2 

1 

3 

3 

4 

3 

5 

6 

6 

6 

7 

8 

8 

8 

9 

12 

10 

12 

11 

14 

12 

14 

13 

17 

14 

17 

15 

19 

16 

19 

17 

22 

18 

22 

19 

24 

20 

24 


Table 3: This table shows the number of SBEPs needed in star networks with 2 hosts to 20 hosts, with 
every host in the network to process a secure bit exchange with every other host. 
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Figure 7: This is the plot of table The data points are plotted along with a linear regression line which 
is f{N) = 1.3192982456 ■ N — 1.301754386, and the coefficient of determination is = 0.988989157. 
The horizontal axis is N meaning the number of hosts in the star network. The vertical axis is SBEP(A^) 
meaning the number of SBEP steps needed for a network with N hosts. 



Number of hosts N 


The patterns and relations in the star network protocol can be seen in table and Figure Note 
that when N is evenly divisible by 2 then it will take exactly 2 SBEP steps for every host i to process a 
secure bit exchange with their nearest neighbor host i+1. If iV is not evenly divisible by 2 then it will 
take exactly 3 SBEP steps for every host i to process a secure bit exchange with their nearest neighbor 
host i+1. The results are the same for every case when N is divided by 3, 4, 5, ..., (iV — l)/2, and 
every host i processes a secure bit exchange with their second, third, fourth, ..., [N — 2)/2th nearest 
neighbor, that is host i+2, i+3, i+4, ..., i+{N — 2) respectively. There is a unique case when N is 
even and is divided by N/2, in this case only one SBEP step is needed to process a secure bit exchange. 
The residual steps are combined whenever possible. For example, in the case when N = 7, the 6th 
and 9th steps can be combined into one step resulting in one less SBEP step. These patterns and 
relations were used to conceive equations (la) through ( |ld[ ), where the “[]” symbol in the equations is 
the ceiling function, N is the number of hosts and SBEP(iV) is the number of SBEPs needed to share 
an independent secure bit for each possible pairs formed in the network, which means each host share 
— 1 secure bits. (Note, after this sharing, each possible pairs formed in the network has only a single 
bit of their respective secure key. Thus to share a key with k bits, the above process must be repeated 
k times.) 


SBEP(Ar) = N + 

'N' 

T 

SBEP(Ar) = N + 

'N 

~4 

SBEP(Ar) = N + 

'N' 

~4 


SBEP(Ar) = N + 


— 2 for N < 8 and N is even. 

— 1 for < 8 and N is odd. 


— 1 for N > 8 and N is even. 


N 

~4 


for A^ > 8 and N is odd. 


(la) 

(lb) 

(l c) 

(l d) 


The reliability of the star network is dependent on its center switch, cable, and key exchanger. One 













































could sabotage the entire network just by damaging the center switch in the star network. If a cable or 
key exchanger is damaged in the star network then the affected host will be effectively disconnected from 
the entire network, but the unaffected hosts will be able to continue processing a secure bit exchange 
with other hosts in the network. 

To add additional hosts in the star network will require every hosts in the network to change the 
protocol from N to A^ + 1, which is a relatively simple process since the protocols can be preprogrammed 
in the hosts. 

The star network could be utilized in many situations including vehicle information networks ^81H9] 
and inside equipment with components spread around a central processing unit such as a computer. 

2.4 Comparing network topologies 

Table 1^ compares the fully connected network with N — 1 key exchangers per host denoted by FCNat-i, 
the fully connected network with 1 key exchanger per host denoted by FCNi, the linear chain network 
protocol with 2 key exchangers per hosts is denoted by LCH, and the star network protocol with 1 
communicator per host denoted by STAR. As can be seen from table the fastest network is the 
FCNjv_i network, the networks with the least cost of cables are the linear chain network and the star 
network, and the networks with the least cost of key exchangers are FCNi, linear chain network, and 
star network. These results will hold for both KLJN and QKD systems. These results show that the 
star network has better performance than the linear chain network with similar cost of cables and key 
exchangers. 


Network type 

Tcable(A^) 

TUN) 

TumeiN) 

FCNat.i 

0{N^) 

0{N^) 

0(1) 

FCNi 

0{N^) 

0{N) 

0{N) 

LCH 

0{N) 

0{N) 

0{N^) 

STAR 

0{N) 

0{N) 

0{N) 


Table 4: This table summarizes the complexities of the fully connected networks FCNjv-i and FCNi, 
the linear chain network protocol LCH, and the star network protocol STAR. 

The robustness and reliability of each network is dependent on its geometric topology. If a cable 
is damaged then it is best to have a FCNiv-i network since only one connection between two hosts 
will be lost. In the linear chain network the entire network will be divided. In the star network the 
affected host will be completely disconnected from the network. If a key exchanger is damaged then it 
is best to have a linear chain network since the only consequences will be a slower secure bit exchange 
process, but every host will still be able to process a secure bit exchange with every other host. In 
the FCNjv-i network a damaged key exchanger will only affect one connection between two hosts. In 
the star network a damaged key exchanger will completely disconnect the affected host from the entire 
network. Another weakness of the star network is the center switch, if the center switch is damaged then 
the entire network is disconnected. Based on these three networks one can argue that the most robust 
reliable network is the FCN^v-i followed by the linear chain network, and the least robust network of 
these three would be the star network. 

To add hosts to the FCNtv-i network would be trivial since the FCNat.i does need a protocol, all 
that is needed is to connect the host to every other host. To add hosts to the linear chain network and 
the star network will require every hosts in the network to change the protocol from N hosts to A^ + 1 
hosts, this will be a relatively simple process as every host can be preprogrammed. 

2.5 Open questions and future studies 

The star network has complexity of 0{N) for the number of cables, key exchangers, and time, but there 
are still numerous other geometric network topologies that have not been explored that might beneht 
KLJN and QKD systems. Other examples for possible networks include matrix networks, that is a 
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grid of several vertical lines and horizontal lines. The matrix network might be a good model for an 
urban city with squared blocks. A wheel network is another possibility that might outperform the star 
network. A wheel network is similar to a star network but with a connecting loop around the branches. 
A web network is another interesting network similar to the wheel network but with concentric circles 
connecting the inner branches. A web network is similar to a spider web with each node being a host. 
A cube network is another interesting possibility that could be utilized in a skyscraper. A cube network 
is similar to the matrix network except that it is three dimensions. A sphere network might be another 
interesting three-dimensional network that can be compared with the cube network. 

Since different geometrical topologies give different trade-offs, another interest is to explore the 
trade-offs of the different networks, and why it is preferable to sacrifice speed, communicators, or key 
exchangers for infrastructure and vice versa. Another possible interest is to analyze and compare every 
geometric network with different number of communicators and how well they scale with speed. Another 
possibility is to combine several of these networks into one network and analyze its performance, in 
graph theory this is known as hybrid networks. 

Different geometic network structures have different vulnerabilites, an analysis of each network’s 
vulnerabilites, robustness, reliability, and different kinds of attacks would be interesting to explore and 
compare. 


3 Conclusions 


In this study we considered the need for unconditional secure key exchange along with the need to 
have P2P networks since QKD and KLJN require P2P networks. We reviewed a simple P2P network 
known as the fully connected network. We also reviewed the linear chain network and analyzed the 
star network to compared it with fully connected networks and the linear chain network. We conceived 


a protocol and equations (la) through (Id) to describe the star network. The results show that the 
star network compares favorably to the linear chain network and the fully connected network. Even 
though the star network utilizes only one key exchanger per host, its time complexity is superior to 
that of the linear chain network, while its cable complexity is the same. The star network’s cable and 
key exchanger complexity is superior to that of the fully connected network, while its time complexity 
is worse than FCNat-i, but is similar to FCNi. We found that the star network fairs worse than the 
linear chain network and the fully connected network in robustness and reliability as the star network 
can be entirely disconnected by damaging the center switch. We then considered several other possible 
network geometries that might be interesting to explore and to compare. 
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